Bruce Schneier is worried that Russia is going to hijack our election:

Even more important, we need to secure our election systems before autumn. If Putin’s government has already used a cyberattack to attempt to help Trump win, there’s no reason to believe he won’t do it again — especially now that Trump is inviting the “help.”

Over the years, more and more states have moved to electronic voting machines and have flirted with Internet voting. These systems are insecure and vulnerable to attack.

But while computer security experts like me have sounded the alarm for many years, states have largely ignored the threat, and the machine manufacturers have thrown up enough obfuscating babble that election officials are largely mollified.

We no longer have time for that. We must ignore the machine manufacturers’ spurious claims of security, create tiger teams to test the machines’ and systems’ resistance to attack, drastically increase their cyber-defenses and take them offline if we can’t guarantee their security online.

This is indeed disturbing. Not just because of what Russia could do, but because of what a number of interested parties could if they were so inclined. Foreign threats are particularly worrisome, though, because they’re beyond our jurisdiction.

What I find interesting is how many people on Twitter have suggested that this is further proof we need to take elections out of state hands and put them in the trust of the federal government. This strikes me as backwards.

Whether elections should be run by the states or the federal government is an interesting question, and one I am on the fence about. My love of federalism blah blah blah says it should be done by the states, and until the last few years that was my position. However, the logjam on some election reforms I would like to see, as well as elections themselves becoming something of a partisan fight, have shifted me towards the middle. But this? This pushes me back towards the states. Indeed, it makes me a little more fond of the electoral college.

The idea of doing everything federally is that The Federal Government Can Do It Right. The thing is, though, that even if we grant the competence of the federal government as being more substantial than that of the state governments, it also creates a central port for hacking. All Putin or anyone else would need to do is get into one system. Meanwhile, under a state-run situation, they’d need to get into five or six at minimum. Even if it’s twice as difficult to get into the federal system, the odds are better with the state systems. This, to me, suggests that there should be more separation rather than less.

Further, fraud would be easier to detect if they could get through some but not all of the state systems. If they can get into Pennsylvania but not Ohio, the odd results would be more noticeable. If they can get into a central system, they can manipulate the results in such a way to make it difficult to tell, giving the appearance of a uniform swing.

Schneier’s specific proposals seem okay to me. I am mostly against technology in voting. The long count in Australia has given me second thoughts, but it’s more difficult to manipulate pencil and paper, and you can (if you are so inclined) add controls. You can mitigate this with paper tracking, though, and I’m certainly open to that.

But please, let’s not get into this notion that if we just centralize everything and leave it open to the experts in the federal government, only then will we be safe.


Category: Newsroom

About the Author


2 Responses to Pencil And Paper, Please

  1. Michael Cain says:

    Paper-and-pencil are sweeping across the West. Oregon and Washington are essentially a hundred percent vote-by-mail. Colorado is >95% (in-person election-day voting is possible, but inconvenient). In Arizona, >70% of the ballots cast two years ago were by mail (registration drives among Hispanic voters there also sign them up for vote-by-mail). In California and Montana, >60%. Overall, about 60% of votes cast in the 11 contiguous western states are cast by mail, and that number is climbing steadily.

    Granted that there are opportunities for retail voter fraud in a vote-by-mail system (although the numbers in Colorado, Oregon, and Washington seem to be minuscule). I’ll take that in preference over the kinds of wholesale fraud that insecure networked voting computers enable.

Leave a Reply

Your email address will not be published.

If you are interested in subscribing to new post notifications,
please enter your email address on this page.